Jump to content

Connecting to database.

GameYin

By GameYin
in PHP Coding Help

 Share

Recommended Posts

GameYin Member

GameYin

Posted
  • Author
Posted

I completely lose ya there bud. I think your right...I don't think register.php will help you, it only inserts into database...I will give you full login.php

Then you can make the assumption yourself..

<?php
ob_start();

$host="localhost"; // Host name 
$username="gameyinc"; // Mysql username 
$password="*****"; // Mysql password 
$db_name="gameyinc_members"; // Database name 
$tbl_name="users"; // Table name 
$user=$_POST['username'];
$link = mysql_connect("$host", "$username", "$password")or die(mysql_error());
mysql_select_db("$db_name")or die("cannot select DB")
or die ("Could not connect to mysql because ".mysql_error());

$match = "select id from $tbl_name where username = '".$_POST['username']."' 
and password = '".$_POST['password']."';"; 

$qry = mysql_query($match) 
or die ("Could not match data because ".mysql_error()); 
$num_rows = mysql_num_rows($qry); 

if ($num_rows <= 0) { 
echo "Sorry, there is no username $username with the specified password.<br>"; 
echo "<a href=login.html>Try again</a>"; 
exit; 
} else { 

setcookie("loggedin", "TRUE", time()+(3600 * 24));
setcookie("mysite_username", "$user");
echo "You are now logged in!<br>"; 
echo "Continue to the <a href=\"index.php\">Home</a> Page."; 
}
ob_end_flush();
?>

Here is logout.php since it uses cookies too.

 

<?php

// expire cookie
setcookie ("loggedin", "", time() - 3600);

echo "You are now logged out.<br>";
echo "<a href=\"login.html\">Log in</a> Or go to the home page, <a href=\"index.php\">Home</a>";

?>

MadTechie Regular Member

MadTechie

Posted
Posted

Humm code should be ok if their on different pages (unless you click back, instead of the link)

would need to see the index.php page

and know the problem a little better

 

Just better point this out

update the code (see below) as your login is vulnerable to an SQL injection exploit

(anyone can login as anyone or even change other peoples password, drop the database etc)

 

you could also hash the password (we're come back to that)

(seach this forum for MD5 your find a ton of stuff)

 

<?php
ob_start();

$host="localhost"; // Host name 
$username="gameyinc"; // Mysql username 
$password="*****"; // Mysql password 
$db_name="gameyinc_members"; // Database name 
$tbl_name="users"; // Table name 
$user=$_POST['username'];
$link = mysql_connect("$host", "$username", "$password")or die(mysql_error());
mysql_select_db("$db_name")or die("cannot select DB")
or die ("Could not connect to mysql because ".mysql_error());
//****Add this
$uName = mysql_escape_string($_POST['username']);
$uPass = mysql_escape_string($_POST['password']);
//**$match =  change to this
$match = "select id from $tbl_name where username = '$uName' and password = '$uPass';"; 

$qry = mysql_query($match) 
or die ("Could not match data because ".mysql_error()); 
$num_rows = mysql_num_rows($qry); 

if ($num_rows <= 0) { 
echo "Sorry, there is no username $username with the specified password.<br>"; 
echo "<a href=login.html>Try again</a>"; 
//exit; ..not needed
} else { 

setcookie("loggedin", "TRUE", time()+(3600 * 24));
setcookie("mysite_username", "$user");
echo "You are now logged in!<br>"; 
echo "Continue to the <a href=\"index.php\">Home</a> Page."; 
}
ob_end_flush();
?>

GameYin Member

GameYin

Posted
  • Author
Posted

index.php just displays the 2 links, depending on the cookie, nothing really there... anyway for sessions dont u need session_start? What page is the code you listed for? login.php?

 

Code worked, still doesn't help with the refresh issue. I still think it has something to do with the cookies....

MadTechie Regular Member

MadTechie

Posted
Posted

I just created an account (tester)

it seams to be ok, (unless i use the back button)

so

you could use a metatag redirect

ie

<?php
echo "You are now logged in!<br>"; 
echo "Continue to the <a href=\"index.php\">Home</a> Page."; 
?>

to

<?php
$url = "index.php";
$time = 5;
echo "<html><head> <title>Logged in</title> <META http-equiv=\"refresh\" content=\"$time;URL=$url\"> </head> <body> <center>You will be redirected automatically in $time seconds. or click <a href=\"$url\">here</a> </center></body></html>"; 
?>

GameYin Member

GameYin

Posted
  • Author
Posted

I know you created an account called tester..

 

www.gameyin.com/list.php

;D

 

Anyway...the code right now, am I using sessions? session_start...?

 

..ok I will put that

Also, I guessed testers' password, very original ;D

 

Also that doesn't work, maybe I should put the meta refresh (in what I think I heard before was a sleep mode of some kind?)

Anyway should I do that "sleep mode" thing for 2 seconds then call the meta refresh?

MadTechie Regular Member

MadTechie

Posted
Posted

the thing is,

i got to

http://www.gameyin.com/index.php

click login

enter the username & password

then click 'Home' and everything seams okay!

 

are you getting something different ?

 

if you click back, then that will cause the problem

GameYin Member

GameYin

Posted
  • Author
Posted

Once it goes to login.php, and then it says continue to home page, i click that, and it still displays index.php as if nothing happened....Does anyone else see what I'm seeing? If it's just me then I guess something is wrong with my cache, I'll ignore it.....??

GameYin Member

GameYin

Posted
  • Author
Posted

:D Thanks for it. I have an error now, go try logging in.

 

setcookie("loggedin", "TRUE", time()+(3600 * 24), "/");
setcookie("mysite_username", "$user", "/");
echo "You are now logged in!<br>"; 
echo "Continue to the <a href=\"index.php\">Home</a> Page.";

MadTechie Regular Member

MadTechie

Posted
Posted

oops

setcookie("loggedin", "TRUE", time()+(3600 * 24), "/");
setcookie("mysite_username", "$user", time()+(3600 * 24),"/"); //updated 3rd = expire, 4th = path
echo "You are now logged in!<br>"; 
echo "Continue to the <a href=\"index.php\">Home</a> Page.";

MadTechie Regular Member

MadTechie

Posted
Posted

erm.. if you intrested..

read up on session (if you get stuck swapping cookies for sessions start a new thread)  ;)

maybe read into the isset() function and $_POST and combine to have the login.php and logout.php script contained in the same file..

other than that i think we're done :)

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.